Job Description

1,000+ business associates in 4 countries including a Novartis Global Service Centre, should be on an attitude that embraces roll out of the latest security technology initiative and practices and protects Novartis Information. Together with you, we will continue to drive this shift with the efficient process and sustainability of our Novartis Information Management Framework (IMF) and awareness campaigns.

The purpose of the role is to partner with regional senior IT and Business leads to implement and support a broad range of Information Security and Compliance (ISC) topics including information security, compliance and/or information risk management. In this role, provide governance/risk advice and support for an IT functional team or lead all aspects of a specific governance/risk area globally.

Your responsibilities include, but are not limited to:

• Provide governance/risk advice and support for DDIT GDD Function and oversee a specific governance/risk area globally. Ensure IT project risks are managed in line with ISC strategy, the policy framework, laws and regulations and outstanding industry standards.

• Ensure monitoring of information risk and proactive mitigation of issues. Deliver global information governance programs, e.g. risk management processes, information security awareness programs, data classification, storage & transmission guidelines, audit support, or development and maintenance and implementation of the Information Management Policy Framework

• Maintain strong knowledge of internal controls and internal risk and control frameworks/standards or the Information Management Policy Framework

• Ensure good communication and collaboration with the Service Delivery Teams, advise them on information security, IT compliance and / or information risk management matters. Ensure role, accountability, and responsibility of ISC is known and understood. Vice versa, establish clear accountability of the \xe2\x80\x9cfirst layer of defence\xe2\x80\x9d with IT and business, such that security and IT compliance accountability is not abdicated to ISC (which should have a \xe2\x80\x9c2nd layer of defence\xe2\x80\x9d role)

• Continuously support risk-based treatment of threats, gaps, vulnerabilities, and risks in the Service Delivery area. Support dashboards, reports and KPI reporting and improvements. Guide teams and support them in understanding the risk exposure and technical safeguards.

• Identify points of improvement or gaps in the service delivery of the central ISC teams and work together with them to resolve them. Review ongoing improvements and the feasibility of enhancements to global processes for ISC.

• Systematically support implementation and monitoring of the ISC Policy Framework on Information Technology and Operational Technology projects within the IT Function

• Analyze impact of new technologies and regulatory changes on information security considering Cyber Security and Data Privacy Acts, Laws, and Regulations

Minimum requirements

What you\'ll bring to the role:

• 10+ years of professional experience in a similar role with university level degree in business/IT technical/scientific area or comparable education/experience

• Good knowledge with GxP regulated business processes in the pharmaceutical industry, preferably QC&QA, Supply Chain and/or Manufacturing & Engineering.

• Experience with supporting projects about Information Security and Risk Management topics for high complexity multi-site, regional, global project portfolio / scope. Experience in an international matrix organization

• Strong knowledge in IMF Framework and ISC Tools. Understand and be able to efficiently support Waterfall SDLC and Agile ways of working. Understand and effectively support project delivery.

• Experience in reporting to and communicating with senior management (with and without IT background, with and without in-depth risk management background) on information risk topics. Experience in practical application of Risk Management

• Proficient in English (written and spoken)

DESIRABLE REQUIREMENTS:

• Experience with IT security and implementing policies in one of the following areas: Patient Safety, Clinical Operations, Analytics, Data Management, TRD & Labs, Regulatory

• Professional information security, risk, or audit certification, such as CISSP, CISM, CIA, CISA, CRISC or ISO 27001 auditor / practitioner

#Transformingforgrowth

Why consider Novartis?
769 million lives were touched by Novartis medicines in 2022, and while we\'re proud of this, we know there is so much more we could do to help improve and extend people\'s lives.

We believe new insights, perspectives and ground-breaking solutions can be found at the intersection of medical science and digital innovation. That a diverse, equitable and inclusive environment inspires new ways of working.

We believe our potential can thrive and grow in an unbossed culture underpinned by integrity, curiosity and flexibility. And we can reinvent what\'s possible, when we collaborate with courage to aggressively and ambitiously tackle the world\'s toughest medical challenges. Because the greatest risk in life, is the risk of never trying!

Imagine what you could do here at Novartis!

India Accessibility and accommodation
Novartis is committed to working with and providing reasonable accommodation to individuals with disabilities. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the recruitment process, or in order to perform the essential functions of a position, please send an e-mail to diversityandincl.india@novartis.comand let us know the nature of your request and your contact information.

Join our Novartis Network:
If this role is not suitable to your experience or career goals but you wish to stay connected to hear more about Novartis and our career opportunities, join the Novartis Network here: https://talentnetwork.novartis.com/network

Functional Area

Technology Transformation

Division

CTS

Business Unit

TT CTS

Employment Type

Regular

Commitment to Diversity & Inclusion:

Novartis is committed to building an outstanding, inclusive work environment and diverse teams representative of the patients and communities we serve.

Shift Work

No

Early Talent

No

Novartis